From: Pavel Belous <pavel.bel...@aquantia.com>
Here we define hardware and software configuration structures
for macsec interface. MACSEC itself is implemented in Phy module,
but its configuration is done via firmware interface
Signed-off-by: Pavel Belous <pavel.bel...@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russk...@aquantia.com>
---
drivers/net/atlantic/atl_types.h | 37 ++++++
drivers/net/atlantic/hw_atl/hw_atl_utils.h | 148 +++++++++++++++++++++
2 files changed, 185 insertions(+)
diff --git a/drivers/net/atlantic/atl_types.h b/drivers/net/atlantic/atl_types.h
index 3edaf0c7c047..3cc9e96089e8 100644
--- a/drivers/net/atlantic/atl_types.h
+++ b/drivers/net/atlantic/atl_types.h
@@ -59,6 +59,39 @@ struct aq_rss_parameters {
u8 indirection_table[HW_ATL_B0_RSS_REDIRECTION_MAX];
};
+/* Macsec stuff */
+struct aq_macsec_config {
+ struct {
+ u32 macsec_enabled;
+ u32 encryption_enabled;
+ u32 replay_protection_enabled;
+ } common;
+
+ struct {
+ u32 idx;
+ u32 mac[2]; /* 6 bytes */
+ } txsc;
+
+ struct {
+ u32 idx;
+ u32 an; /* association number on the local side */
+ u32 pn; /* packet number on the local side */
+ u32 key[4]; /* 128 bit key */
+ } txsa;
+
+ struct {
+ u32 mac[2]; /* 6 bytes */
+ u32 pi;
+ } rxsc;
+
+ struct {
+ u32 idx;
+ u32 an; /* association number on the remote side */
+ u32 pn; /* packet number on the remote side */
+ u32 key[4]; /* 128 bit key */
+ } rxsa;
+};
+
struct aq_hw_cfg_s {
bool is_lro;
bool is_rss;
@@ -75,6 +108,7 @@ struct aq_hw_cfg_s {
uint32_t flow_control;
struct aq_rss_parameters aq_rss;
+ struct aq_macsec_config aq_macsec;
};
struct aq_hw_s {
@@ -143,6 +177,9 @@ struct aq_fw_ops {
int (*set_eeprom)(struct aq_hw_s *self, int dev_addr,
u32 *data, u32 len);
+ int (*send_macsec_req)(struct aq_hw_s *self,
+ struct macsec_msg_fw_request *req,
+ struct macsec_msg_fw_response *response);
};
struct atl_sw_stats {
diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils.h
b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
index f2a87826c0d1..b7c531573623 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils.h
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
@@ -351,6 +351,154 @@ struct smbus_write_request {
u32 length;
} __attribute__((__packed__));
+enum macsec_msg_type {
+ macsec_cfg_msg = 0,
+ macsec_add_rx_sc_msg,
+ macsec_add_tx_sc_msg,
+ macsec_add_rx_sa_msg,
+ macsec_add_tx_sa_msg,
+ macsec_get_stats_msg,
+};
+
+struct macsec_cfg {
+ uint32_t enabled;
+ uint32_t egress_threshold;
+ uint32_t ingress_threshold;
+ uint32_t interrupts_enabled;
+} __attribute__((__packed__));
+
+struct add_rx_sc {
+ uint32_t index;
+ uint32_t pi; /* Port identifier */
+ uint32_t sci[2]; /* Secure Channel identifier */
+ uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+ uint32_t tci;
+ uint32_t tci_mask;
+ uint32_t mac_sa[2];
+ uint32_t sa_mask; /* 0: ignore mac_sa */
+ uint32_t mac_da[2];
+ uint32_t da_mask; /* 0: ignore mac_da */
+ uint32_t validate_frames; /* 0: strict, 1:check, 2:disabled */
+ uint32_t replay_protect; /* 1: enabled, 0:disabled */
+ uint32_t anti_replay_window; /* default 0 */
+ /* 1: auto_rollover enabled (when SA next_pn is saturated */
+ uint32_t an_rol;
+} __attribute__((__packed__));
+
+struct add_tx_sc {
+ uint32_t index;
+ uint32_t pi; /* Port identifier */
+ uint32_t sci[2]; /* Secure Channel identifier */
+ uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+ uint32_t tci; /* TCI value, used if packet is not explicitly tagged */
+ uint32_t tci_mask;
+ uint32_t mac_sa[2];
+ uint32_t sa_mask; /* 0: ignore mac_sa */
+ uint32_t mac_da[2];
+ uint32_t da_mask; /* 0: ignore mac_da */
+ uint32_t protect;
+ uint32_t curr_an; /* SA index which currently used */
+} __attribute__((__packed__));
+
+struct add_rx_sa {
+ uint32_t index;
+ uint32_t next_pn;
+ uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct add_tx_sa {
+ uint32_t index;
+ uint32_t next_pn;
+ uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct get_stats {
+ uint32_t version_only;
+ uint32_t ingress_sa_index;
+ uint32_t egress_sa_index;
+ uint32_t egress_sc_index;
+} __attribute__((__packed__));
+
+struct macsec_stats {
+ uint32_t api_version;
+ /* Ingress Common Counters */
+ uint64_t in_ctl_pkts;
+ uint64_t in_tagged_miss_pkts;
+ uint64_t in_untagged_miss_pkts;
+ uint64_t in_notag_pkts;
+ uint64_t in_untagged_pkts;
+ uint64_t in_bad_tag_pkts;
+ uint64_t in_no_sci_pkts;
+ uint64_t in_unknown_sci_pkts;
+ uint64_t in_ctrl_prt_pass_pkts;
+ uint64_t in_unctrl_prt_pass_pkts;
+ uint64_t in_ctrl_prt_fail_pkts;
+ uint64_t in_unctrl_prt_fail_pkts;
+ uint64_t in_too_long_pkts;
+ uint64_t in_igpoc_ctl_pkts;
+ uint64_t in_ecc_error_pkts;
+ uint64_t in_unctrl_hit_drop_redir;
+
+ /* Egress Common Counters */
+ uint64_t out_ctl_pkts;
+ uint64_t out_unknown_sa_pkts;
+ uint64_t out_untagged_pkts;
+ uint64_t out_too_long;
+ uint64_t out_ecc_error_pkts;
+ uint64_t out_unctrl_hit_drop_redir;
+
+ /* Ingress SA Counters */
+ uint64_t in_untagged_hit_pkts;
+ uint64_t in_ctrl_hit_drop_redir_pkts;
+ uint64_t in_not_using_sa;
+ uint64_t in_unused_sa;
+ uint64_t in_not_valid_pkts;
+ uint64_t in_invalid_pkts;
+ uint64_t in_ok_pkts;
+ uint64_t in_late_pkts;
+ uint64_t in_delayed_pkts;
+ uint64_t in_unchecked_pkts;
+ uint64_t in_validated_octets;
+ uint64_t in_decrypted_octets;
+
+ /* Egress SA Counters */
+ uint64_t out_sa_hit_drop_redirect;
+ uint64_t out_sa_protected2_pkts;
+ uint64_t out_sa_protected_pkts;
+ uint64_t out_sa_encrypted_pkts;
+
+ /* Egress SC Counters */
+ uint64_t out_sc_protected_pkts;
+ uint64_t out_sc_encrypted_pkts;
+ uint64_t out_sc_protected_octets;
+ uint64_t out_sc_encrypted_octets;
+
+ /* SA Counters expiration info */
+ uint32_t egress_threshold_expired;
+ uint32_t ingress_threshold_expired;
+ uint32_t egress_expired;
+ uint32_t ingress_expired;
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_request {
+ uint32_t offset; /* not used */
+ uint32_t msg_type;
+
+ union {
+ struct macsec_cfg cfg;
+ struct add_rx_sc rxsc;
+ struct add_tx_sc txsc;
+ struct add_rx_sa rxsa;
+ struct add_tx_sa txsa;
+ struct get_stats stats;
+ };
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_response {
+ uint32_t result;
+ struct macsec_stats stats;
+} __attribute__((__packed__));
+
#define HAL_ATLANTIC_UTILS_CHIP_MIPS 0x00000001U
#define HAL_ATLANTIC_UTILS_CHIP_TPO2 0x00000002U
#define HAL_ATLANTIC_UTILS_CHIP_RPF2 0x00000004U
--
2.17.1
